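Notes on DNS-like protocols for intranet hostname resolution

Notes from the third line

Common protocols Windows uses to resolve hostnames on an internal network

  1. MDNS
  2. LLMNR (enabled by default on Windows)
  3. NBNS
  4. The router discovers the device itself (via ARP / DHCP lease ...) and the router's DNS does the resolution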


Enabling LLMNR support on Linux (do not enable it in production; it is a security risk)

Quoted from: https://tech.yj777.cn/%E7%94%A8-llmnr%E5%8D%8F%E8%AE%AE%E5%AE%9E%E7%8E%B0-windows-%E5%92%8C-linux-%E7%9A%84%E7%BB%9F%E4%B8%80%E8%AE%BF%E9%97%AE/

Related: systemd update :: https://linoxide.com/linux-how-to/install-systemd-centos-redhat/

  1. Install systemd-resolved
  2. Configure and enable LLMNR
  3. Disable the firewall or allow the relevant rules

systemd-resolved install steps (below Linux 8, systemd must be upgraded and systemd-resolved installed)

[root@master-1 ~]# rpm -q systemd systemd-resolved
systemd-219-57.el7.x86_64
package systemd-resolved is not installed


# yum install systemd-resolved
Dependencies Resolved

=============================================================================================================================================================
 Package                                   Arch                            Version                                   Repository                         Size
=============================================================================================================================================================
Installing:
 systemd-resolved                          x86_64                          219-67.el7_7.2                            updates                           412 k
Installing for dependencies:
 json-c                                    x86_64                          0.11-4.el7_0                              base                               31 k
Updating for dependencies:
 cryptsetup-libs                           x86_64                          2.0.3-5.el7                               base                              338 k
 systemd                                   x86_64                          219-67.el7_7.2                            updates                           5.1 M
 systemd-libs                              x86_64                          219-67.el7_7.2                            updates                           411 k
 systemd-sysv                              x86_64                          219-67.el7_7.2                            updates                            88 k

Transaction Summary
=============================================================================================================================================================
Install  1 Package  (+1 Dependent package)
Upgrade             ( 4 Dependent packages)

Total download size: 6.3 M
[root@master-1 ~]# rpm -q systemd systemd-resolved
systemd-219-67.el7_7.2.x86_64
systemd-resolved-219-67.el7_7.2.x86_64
# -r enables extended regex so "#?" matches the commented-out default; -i edits in place
sed -r -i 's/^#?LLMNR=.*/LLMNR=yes/' /etc/systemd/resolved.conf
systemctl --now enable systemd-resolved
[root@master-1 ~]# ss -anptu | grep resolve
udp    UNCONN     0      0         *:5355                  *:*                   users:(("systemd-resolve",pid=28108,fd=12))
udp    UNCONN     0      0      [::]:5355               [::]:*                   users:(("systemd-resolve",pid=28108,fd=11))
tcp    LISTEN     0      128       *:5355                  *:*                   users:(("systemd-resolve",pid=28108,fd=14))
tcp    LISTEN     0      128    [::]:5355               [::]:*                   users:(("systemd-resolve",pid=28108,fd=15))

Note

On CentOS, resolve must be added to the hosts entry in /etc/nsswitch.conf to enable the NSS module

#hosts:     db files nisplus nis dns
hosts:      files dns myhostname resolve


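>= Linux 8: enabling LLMNR

# -r enables extended regex so "#?" matches the commented-out default; -i edits in place
sed -r -i 's/^#?LLMNR=.*/LLMNR=yes/' /etc/systemd/resolved.conf
systemctl --now enable systemd-resolved

Edit /etc/nsswitch.conf and add resolve to the hosts entry. Note that in nsswitch.conf, [NOTFOUND=return] means the search stops if the preceding method returns no result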

hosts:      files dns myhostname resolve 


Related commands (some are available only on Linux 8+)

resolvectl status
systemd-resolve --status
systemd-resolve {hostname / domain}
resolvectl query {hostname / domain}


Extra information

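  1. The systemd-resolve resolver service listens on 127.0.0.53%lo:53 by default
  2. The configuration files under /var/run/systemd/resolve can be used as symlink targets; some distributions symlink /etc/resolv.conf to systemd-resolved by default, and systemd-resolved then takes over the system DNS configuration
  3. LLMNR uses UDP 5355 by default
  4. Because the LLMNR protocol is broadcast-style and unauthenticated, it carries a man-in-the-middle attack risk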
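
Added example (not part of the original notes): a read-only shell audit that reports the effective LLMNR setting, whether resolve on the hosts line is cut off by an earlier [NOTFOUND=return], and how many sockets are bound to port 5355. The function names and the RESOLVED_CONF / NSSWITCH variables are assumptions made for this example.

```shell
#!/bin/sh
# Added example: read-only audit of the settings these notes change.
# Function names and the RESOLVED_CONF / NSSWITCH variables are hypothetical.

# Effective LLMNR= value in a resolved.conf-style file (last assignment wins).
# Prints "unset" when only the commented-out default exists; the build-time
# default then applies.
llmnr_setting() {
    awk -F= '
        /^[ \t]*LLMNR[ \t]*=/ { gsub(/[ \t]/, "", $2); v = tolower($2) }
        END { print (v == "" ? "unset" : v) }
    ' "$1"
}

# Where "resolve" sits on the hosts: line of an nsswitch.conf-style file:
#   reachable - listed, with no [NOTFOUND=return] action before it
#   blocked   - listed after [NOTFOUND=return], so a "not found" from the
#               earlier source ends the lookup before nss-resolve is asked
#   missing   - not listed, or no hosts: line
hosts_resolve_status() {
    awk '
        $1 == "hosts:" {
            status = "missing"
            for (i = 2; i <= NF; i++) {
                tok = tolower($i); sub(/^\[/, "", tok)
                if (index(tok, "notfound=return") == 1) stop = 1
                else if (tok == "resolve") { status = stop ? "blocked" : "reachable"; break }
            }
            print status; seen = 1; exit
        }
        END { if (!seen) print "missing" }
    ' "$1"
}

# Count sockets bound to the LLMNR port in `ss -lntu` output read from stdin
# (column 5 is the local address:port).
llmnr_listeners() {
    awk '$5 ~ /:5355$/ { n++ } END { print n + 0 }'
}

audit() {
    echo "LLMNR setting:  $(llmnr_setting "${RESOLVED_CONF:-/etc/systemd/resolved.conf}")"
    echo "nss resolve:    $(hosts_resolve_status "${NSSWITCH:-/etc/nsswitch.conf}")"
    echo "5355 listeners: $(ss -lntu | llmnr_listeners)"
}

# Run against the live host only when asked: sh llmnr_audit.sh audit
if [ "${1:-}" = "audit" ]; then audit; fi
```

On a production host the expected report is an LLMNR setting of no and zero listeners on 5355.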


References

http://www.jinbuguo.com/systemd/nss-resolve.html

http://man7.org/linux/man-pages/man8/nss-resolve.8.html